Building a capture the flag challenge
I was wondering if anyone has any experience with building or implementing a capture-the-flag (ctf) challenge environment for training security professionals?
I'm looking for something that could give me a head-start in building something in a contest setting.
I'm aware and familiar with the usual kits out there like Metasploitable, WebGoat, DVWA, VulnerableByDesign, and the various OWASP demo projects. etc.
I was wondering if people have just stitched together their own from these systems or if there is different or better method to creating a CTF challenge.
Any ideas/thoughts appreciated.
I'm looking for something that could give me a head-start in building something in a contest setting.
I'm aware and familiar with the usual kits out there like Metasploitable, WebGoat, DVWA, VulnerableByDesign, and the various OWASP demo projects. etc.
I was wondering if people have just stitched together their own from these systems or if there is different or better method to creating a CTF challenge.
Any ideas/thoughts appreciated.
Comments
-
demonfurbie
Member Posts: 1,819 ■■■■■□□□□□
are the teams over the net or locally?
locally if give them netbooks with a clean install of kali and an hour to config/install as they want
over the internet ya cant really control that much
for servers give them a fresh install of what ever and 2 hours to sec itwgu undergrad: done ... woot!!
WGU MS IT Management: done ... double woot :cheers: